Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/575N4-kF9ciQkiZuzEdtMVrptoQ.roa
File: 575N4-kF9ciQkiZuzEdtMVrptoQ.roa (raw, json)
Hash identifier: EcH2I1IxpCBIbZWTrjXxgqc3N+QpqithLRGyayUSwqU=
Subject key identifier: E7:BE:4D:E3:E9:05:F5:C8:90:92:26:6E:CC:47:6D:31:5A:E9:B6:84
Certificate issuer: /CN=c3c18527e3a206af2842028d95aec41338e8daf8
Certificate serial: 0194930D3FA590276134FAE37AFBFBC28483
Authority key identifier: C3:C1:85:27:E3:A2:06:AF:28:42:02:8D:95:AE:C4:13:38:E8:DA:F8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/w8GFJ-OiBq8oQgKNla7EEzjo2vg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/575N4-kF9ciQkiZuzEdtMVrptoQ.roa
Signing time: Thu 23 Jan 2025 12:05:06 +0000
ROA not before: Thu 23 Jan 2025 12:05:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 210644
IP address blocks: 62.60.148.0/22 maxlen: 24
62.60.152.0/23 maxlen: 24
62.60.154.0/23 maxlen: 24
62.60.156.0/22 maxlen: 24
62.60.186.0/24 maxlen: 24
62.60.216.0/23 maxlen: 24
62.60.228.0/22 maxlen: 24
62.60.235.0/24 maxlen: 24
62.60.236.0/22 maxlen: 24
62.60.244.0/22 maxlen: 24
62.60.248.0/22 maxlen: 24
213.176.64.0/22 maxlen: 24
213.176.74.0/23 maxlen: 24
213.176.92.0/22 maxlen: 24
213.176.112.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:93:0d:3f:a5:90:27:61:34:fa:e3:7a:fb:fb:c2:84:83
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c3c18527e3a206af2842028d95aec41338e8daf8
Validity
Not Before: Jan 23 12:05:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e7be4de3e905f5c89092266ecc476d315ae9b684
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:34:0f:e7:5c:75:dd:d2:f1:1c:bc:7e:b1:9a:
0f:2c:e3:1c:64:11:0e:cc:f5:58:d0:a4:85:9b:f8:
0a:ec:ef:e9:a7:61:b5:ac:67:41:c8:5f:5a:a8:53:
bc:43:4d:01:06:c4:f6:99:6a:2a:cc:b0:f4:08:d3:
e3:0e:c3:c8:b8:52:86:bd:d7:7d:cb:75:20:ca:b8:
a8:9c:bd:e9:93:55:9d:81:6f:cb:d2:d1:ec:cc:65:
27:cf:7b:0b:8e:75:72:95:5f:05:0f:9f:3e:1f:a0:
a2:90:5e:2f:df:45:a2:e7:17:cf:06:82:ad:0a:47:
59:bf:17:ed:01:41:aa:72:da:bd:07:c8:c9:9e:1d:
81:ed:7f:e1:82:58:74:a5:dd:fe:c1:f4:90:93:46:
d4:68:2a:27:c0:3f:93:7b:e4:33:1b:c1:1e:80:c9:
57:53:f0:dc:be:ee:a0:be:b7:83:05:25:f0:ef:59:
87:6b:20:a2:5f:f0:9d:55:89:bc:22:71:29:87:1a:
49:fa:00:36:ff:16:2c:2e:fd:d0:a1:64:ff:4d:9a:
50:23:77:da:67:fc:75:80:98:86:09:0e:be:04:ad:
1d:52:f4:88:13:53:15:11:a0:92:f6:9f:2c:58:16:
83:19:e3:01:0a:e8:ad:7b:6c:f8:5e:4c:21:0b:ab:
89:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E7:BE:4D:E3:E9:05:F5:C8:90:92:26:6E:CC:47:6D:31:5A:E9:B6:84
X509v3 Authority Key Identifier:
keyid:C3:C1:85:27:E3:A2:06:AF:28:42:02:8D:95:AE:C4:13:38:E8:DA:F8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/w8GFJ-OiBq8oQgKNla7EEzjo2vg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/575N4-kF9ciQkiZuzEdtMVrptoQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/w8GFJ-OiBq8oQgKNla7EEzjo2vg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.60.148.0-62.60.159.255
62.60.186.0/24
62.60.216.0/23
62.60.228.0/22
62.60.235.0-62.60.239.255
62.60.244.0-62.60.251.255
213.176.64.0/22
213.176.74.0/23
213.176.92.0/22
213.176.112.0/22
Signature Algorithm: sha256WithRSAEncryption
73:01:4e:80:ed:6a:f9:b6:15:e5:70:68:f9:e5:32:cd:cb:fe:
e8:1a:f0:ee:6b:74:b9:73:3b:e5:20:e7:ca:37:5d:7b:54:ae:
16:9b:d4:5a:a5:f8:72:a2:b1:45:2d:c7:bc:67:9a:49:86:d4:
6d:41:ab:1c:07:fa:68:24:d4:7a:1a:c7:ea:8c:e9:8a:f7:54:
fc:d1:74:83:dc:2c:98:22:66:de:a6:f0:e8:40:17:93:3c:da:
c7:b8:91:32:a6:85:fd:c1:f3:e5:f4:66:75:db:06:55:66:e6:
e7:66:be:1c:89:f9:d2:48:24:15:49:ca:26:18:c1:5e:c1:c2:
f6:5e:a0:3e:8b:7a:89:a5:e9:4d:b0:10:37:51:4f:00:f0:8f:
69:b5:ce:41:82:7e:0d:99:e5:22:95:a8:b3:9a:2e:a1:a1:20:
15:93:ef:db:f8:01:be:52:de:01:e5:4c:59:c7:e2:2c:76:82:
08:df:38:43:6b:8d:f5:20:cd:4f:39:8d:85:2a:92:77:cc:71:
e0:7b:59:50:15:27:25:5d:b1:75:45:f0:1e:2f:c6:50:f9:5e:
df:bb:b7:ef:a9:3f:0f:d6:ca:71:d2:c0:7f:9b:24:64:8f:45:
a0:2e:db:53:6a:74:00:6a:b5:c0:3b:ce:58:5b:27:ed:aa:01:
7a:eb:09:d4
-----BEGIN CERTIFICATE-----
MIIFSzCCBDOgAwIBAgISAZSTDT+lkCdhNPrjevv7woSDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMzYzE4NTI3ZTNhMjA2YWYyODQyMDI4ZDk1YWVjNDEzMzhl
OGRhZjgwHhcNMjUwMTIzMTIwNTA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlN2JlNGRlM2U5MDVmNWM4OTA5MjI2NmVjYzQ3NmQzMTVhZTliNjg0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuTQP51x13dLxHLx+sZoPLOMcZBEO
zPVY0KSFm/gK7O/pp2G1rGdByF9aqFO8Q00BBsT2mWoqzLD0CNPjDsPIuFKGvdd9
y3UgyrionL3pk1WdgW/L0tHszGUnz3sLjnVylV8FD58+H6CikF4v30Wi5xfPBoKt
CkdZvxftAUGqctq9B8jJnh2B7X/hglh0pd3+wfSQk0bUaConwD+Te+QzG8EegMlX
U/Dcvu6gvreDBSXw71mHayCiX/CdVYm8InEphxpJ+gA2/xYsLv3QoWT/TZpQI3fa
Z/x1gJiGCQ6+BK0dUvSIE1MVEaCS9p8sWBaDGeMBCuite2z4XkwhC6uJoQIDAQAB
o4ICVzCCAlMwHQYDVR0OBBYEFOe+TePpBfXIkJImbsxHbTFa6baEMB8GA1UdIwQY
MBaAFMPBhSfjogavKEICjZWuxBM46Nr4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdzhHRkotT2lCcThvUWdLTmxhN0VFempvMnZnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy8xMzM5ZGYtOGUwNi00MWRlLTk0ZjMt
MGNiYTMzZWZjNWJiLzEvNTc1TjQta0Y5Y2lRa2ladXpFZHRNVnJwdG9RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy8xMzM5ZGYtOGUwNi00MWRlLTk0ZjMtMGNiYTMzZWZjNWJi
LzEvdzhHRkotT2lCcThvUWdLTmxhN0VFempvMnZnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMG0GCCsGAQUFBwEHAQH/BF4wXDBaBAIAATBUMAwDBAI+PJQD
BAU+PIADBAA+PLoDBAE+PNgDBAI+POQwDAMEAD486wMEBD484DAMAwQCPjz0AwQC
Pjz4AwQC1bBAAwQB1bBKAwQC1bBcAwQC1bBwMA0GCSqGSIb3DQEBCwUAA4IBAQBz
AU6A7Wr5thXlcGj55TLNy/7oGvDua3S5czvlIOfKN117VK4Wm9RapfhyorFFLce8
Z5pJhtRtQascB/poJNR6GsfqjOmK91T80XSD3CyYImbepvDoQBeTPNrHuJEypoX9
wfPl9GZ12wZVZubnZr4cifnSSCQVScomGMFewcL2XqA+i3qJpelNsBA3UU8A8I9p
tc5Bgn4NmeUilaizmi6hoSAVk+/b+AG+Ut4B5UxZx+IsdoII3zhDa431IM1POY2F
KpJ3zHHge1lQFSclXbF1RfAeL8ZQ+V7fu7fvqT8P1spx0sB/myRkj0WgLttTanQA
arXAO85YWyftqgF66wnU
-----END CERTIFICATE-----
Generated at Sun Apr 6 09:05:42 2025 by rpki-client